From 4b66aab00fa0ea6bcc6ec81df19e44de34fd7864 Mon Sep 17 00:00:00 2001 From: Josh Kalderimis Date: Thu, 8 Jul 2010 18:16:36 +0200 Subject: mass_assignment_security moved from AR to AMo, and minor test cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: José Valim --- .../mass_assignment_security/permission_set.rb | 41 ++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 activemodel/lib/active_model/mass_assignment_security/permission_set.rb (limited to 'activemodel/lib/active_model/mass_assignment_security/permission_set.rb') diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb new file mode 100644 index 0000000000..978da493d7 --- /dev/null +++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb @@ -0,0 +1,41 @@ +require 'active_model/mass_assignment_security/sanitizer' + +module ActiveModel + module MassAssignmentSecurity + + class PermissionSet < Set + attr_accessor :logger + + def +(values) + super(values.map(&:to_s)) + end + + def include?(key) + super(remove_multiparameter_id(key)) + end + + protected + + def remove_multiparameter_id(key) + key.gsub(/\(.+/, '') + end + end + + class WhiteList < PermissionSet + include Sanitizer + + def deny?(key) + !include?(key) + end + end + + class BlackList < PermissionSet + include Sanitizer + + def deny?(key) + include?(key) + end + end + + end +end \ No newline at end of file -- cgit v1.2.3 From c285f07a92c643729a1a6ae6282cd597fe8e20e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Thu, 8 Jul 2010 19:02:34 +0200 Subject: Change documentation for ActiveModel::MassAssignmentSecurity a bit and make debug always be called since some people may overwrite warn! to add extra behavior even if logger is not available. --- .../active_model/mass_assignment_security/permission_set.rb | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'activemodel/lib/active_model/mass_assignment_security/permission_set.rb') diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb index 978da493d7..7c48472799 100644 --- a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb +++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb @@ -2,7 +2,6 @@ require 'active_model/mass_assignment_security/sanitizer' module ActiveModel module MassAssignmentSecurity - class PermissionSet < Set attr_accessor :logger @@ -14,11 +13,11 @@ module ActiveModel super(remove_multiparameter_id(key)) end - protected + protected - def remove_multiparameter_id(key) - key.gsub(/\(.+/, '') - end + def remove_multiparameter_id(key) + key.to_s.gsub(/\(.+/, '') + end end class WhiteList < PermissionSet @@ -36,6 +35,5 @@ module ActiveModel include?(key) end end - end end \ No newline at end of file -- cgit v1.2.3